ADWARE_FINDMENOW
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
Threat Type: Adware
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This adware may arrive bundled with malware packages as a malware component.
It requires its main component to successfully perform its intended routine.
TECHNICAL DETAILS
94,208 bytes
DLL
07 Apr 2011
Arrival Details
This adware may arrive bundled with malware packages as a malware component.
Other System Modifications
This adware adds the following registry keys:
HKEY_CLASSES_ROOT\Xmlmimefilter.XMLMimeFilterPP
HKEY_CLASSES_ROOT\Xmlmimefilter.XMLMimeFilterPP.1
HKEY_CLASSES_ROOT\CLSID\{53B95211-7D77-11D2-9F81-00104B107C96}
HKEY_CLASSES_ROOT\TypeLib\{53B95204-7D77-11D2-9F81-00104B107C96}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Xmlmimefilter.XMLMimeFilterPP
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Xmlmimefilter.XMLMimeFilterPP.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{53B95211-7D77-11D2-9F81-00104B107C96}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
PROTOCOLS\Handler\start
It modifies the following registry entries:
HKEY_CLASSES_ROOT\PROTOCOLS\Handler\
about
CLSID = "{53B95211-7D77-11D2-9F81-00104B107C96}"
(Note: The default value data of the said registry entry is {Default}.)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
PROTOCOLS\Handler\about
CLSID = "{53B95211-7D77-11D2-9F81-00104B107C96}"
(Note: The default value data of the said registry entry is {Default}.)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Main
Start Page = "about:blank"
(Note: The default value data of the said registry entry is {Default}.)
Other Details
This adware requires its main component to successfully perform its intended routine.